# Copyright 2019 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# NOTE: This file is auto generated by the elixir code generator program.
# Do not edit this file manually.

defmodule GoogleApi.BinaryAuthorization.V1.Model.CheckSet do
  @moduledoc """
  A conjunction of policy checks, scoped to a particular namespace or Kubernetes service account. In order for evaluation of a `CheckSet` to return "allowed" for a given image in a given Pod, one of the following conditions must be satisfied: * The image is explicitly exempted by an entry in `image_allowlist`, OR * ALL of the `checks` evaluate to "allowed".

  ## Attributes

  *   `checks` (*type:* `list(GoogleApi.BinaryAuthorization.V1.Model.Check.t)`, *default:* `nil`) - Optional. The checks to apply. The ultimate result of evaluating the check set will be "allow" if and only if every check in `checks` evaluates to "allow". If `checks` is empty, the default behavior is "always allow".
  *   `displayName` (*type:* `String.t`, *default:* `nil`) - Optional. A user-provided name for this `CheckSet`. This field has no effect on the policy evaluation behavior except to improve readability of messages in evaluation results.
  *   `imageAllowlist` (*type:* `GoogleApi.BinaryAuthorization.V1.Model.ImageAllowlist.t`, *default:* `nil`) - Optional. Images exempted from this `CheckSet`. If any of the patterns match the image being evaluated, no checks in the `CheckSet` will be evaluated.
  *   `scope` (*type:* `GoogleApi.BinaryAuthorization.V1.Model.Scope.t`, *default:* `nil`) - Optional. The scope to which this `CheckSet` applies. If unset or an empty string (the default), applies to all namespaces and service accounts. See the `Scope` message documentation for details on scoping rules.
  """

  use GoogleApi.Gax.ModelBase

  @type t :: %__MODULE__{
          :checks => list(GoogleApi.BinaryAuthorization.V1.Model.Check.t()) | nil,
          :displayName => String.t() | nil,
          :imageAllowlist => GoogleApi.BinaryAuthorization.V1.Model.ImageAllowlist.t() | nil,
          :scope => GoogleApi.BinaryAuthorization.V1.Model.Scope.t() | nil
        }

  field(:checks, as: GoogleApi.BinaryAuthorization.V1.Model.Check, type: :list)
  field(:displayName)
  field(:imageAllowlist, as: GoogleApi.BinaryAuthorization.V1.Model.ImageAllowlist)
  field(:scope, as: GoogleApi.BinaryAuthorization.V1.Model.Scope)
end

defimpl Poison.Decoder, for: GoogleApi.BinaryAuthorization.V1.Model.CheckSet do
  def decode(value, options) do
    GoogleApi.BinaryAuthorization.V1.Model.CheckSet.decode(value, options)
  end
end

defimpl Poison.Encoder, for: GoogleApi.BinaryAuthorization.V1.Model.CheckSet do
  def encode(value, options) do
    GoogleApi.Gax.ModelBase.encode(value, options)
  end
end
